It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.

I just realized that I never posted this. This is a cookie grabber for use with XSS vulnerabilities coded in PHP by me. It's simple yet powerful by allowing you to view the cookies through an XHTML interface. There are even login features if you choose to enable them.

Okay, people. I've been getting WAY too many private messages that could be resolved in this thread. If you have questions about this cookie grabber, or XSS in general, reply to this thread. If you need to, create a new thread, but DON'T private message me with that crap. I wont answer anything about this in a private message any longer. Private messages should be used to address things that can not be delt with in a public thread.

Originally posted by Neokd101:have you heard of neopets?? Well if i wanted to cookie grab someones password and username and have it sent to a email address. what would the script look like. so if i put it on a webpage and they visited the webpage it took their username and password and sent it to my emai

If you want to know "If you wanted to make it so that you coded this into a website and when someone visited it, it took their cookies what and it sent the grabbe cookies to an email address woul the code look like", I suggest learning how to write PHP scripts or paying a professional to write it for you.

If you plan on utilizing such vulnerabilities, I expect you'll want to read about XSS, javascript, HTML, and the HTTP protocol.

There is absolutely no way I would do this for you, other than you paying me for the services. The fact is, I wrote that script for my personal use. I released it publicly because I believed that some people may find a use for the code, and be able to include or adapt it for their own releases. I don't intend to write code updates for somebody who wants to use it for a really lame purpose that I honestly don't care about. As Gizmo has put it "We're not here to hold your hand while you piss."

So, to help you out here, I will NOT be writing code for you, and if I were you, I would think it unwise to keep persiting along this line of questioning.

Don't expect to come into a community like this, ask a question, and expect everyone to drop everything they're doing just to help you with your stupid little want to gain access to some lame account on some lame website. Those of us here who know how to write code have taken time and energy to do it, and having someone who has absolutely no knowledge on the subject, or a wish to learn on the subject, is insulting to all of us who do care about what we're learning and want to learn more.

You may want to look up the validity for the script tag's if embedding it randomly in sig's... keep in mind that a lot of sites are becoming more and more xhtml valid, and you'll give away what you're doing if it's throwing off the sites natural validity